Technology Update TSAG Meeting 2/13/03
Announcements: • Self-Service Account Utility Available http://www.csun.edu/account • Disaster Recovery Test: • (2/18-19) Networking Infrastructure: DNS, DHCP, Authentication (Radius & Directory) • (3/?) E-mail Infrastructure: • SIMSR Security Enhancement (2/18) VPN required for off-campus desktops • Directory Authentication for Peoplesoft HR/FN (1/13 => 2/19) • Campus UID, E-mail Address, or Peoplesoft Operator ID • Password resets handled by University Helpdesk and PS Helpdesk • SMTP Authentication (3/1) • Disk (Email and Data) Quotas (4/15) • Voice/IP Change Over (1/18-20 => 3/29-31) • Mainframe Shutdown (6/30)
Agenda • CATS Conference (Gail Johnson) • Voice/IP Update (Greg Nicols) • TII Update (Bonnie Davis) • Mainframe Status (Don Foster) • Microsoft Licensing Changes (Kurt Webb) • IDS (Greg Duhon [Out Sick]) • Discussion on Slammer and Securing the Campus (Staff) • Presentation by Epson vendor (Charles Barnston)
Call Accounting 911 Server
TII Update (Stage 2) • Stage 2: replacement of network electronics • Project/schedule negotiated between CO and SBC • Currently, all work is to be performed between 6:00am and 6:00pm • Little wiggle room exists in the schedule • Schedule Overview: • Core is complete • Building start: March 2002 (Sequoia, Sierra, Manz., ArtDesign) • Building stop: Dec 2002 • Local meetings will be held ~1 month before start of deployment
Mainframe Status • Approximately 50% of the applications have been migrated off. • 2000 user accounts; 50-100 daily users • 134 remaining apps; 16 appear active • All apps must be removed by June 30 • Local units are responsible for identifying and migrating their applications off • More info is needed: • A meeting can be arranged to work out details • Contact point: Don (x 5215)
Microsoft Licensing Changes • New CSU-wide contract (effective 1/1/03) • Information on the processes, etc., is still being ferreted out • Four separate processes and licensing categories: • On Campus installations: should be performed via TSAG members or ITR/TES via a TSR • Home installations or the WAH (Work At Home) provision: software purchased via “ASAP” • Students: software purchased at Bookstore • Server Software: obtained via CSU ITAC members (for our campus it’s the CIO) • Stay tuned for Keys, CDs, and more information
Cyber Attack: SQL Slammer • Primary Application Affected: MS SQL Server • Three Vulnerabilities: • Buffer overruns (stack and heap), and • DoS (keep alive packet exchange) • Server Resolution Service (port 1434/UDP) (Port 1433/TCP is the default server port) • Affected Campus Servers: 6 (1+5) • Local Resource Costs: • Loss of Services • Campus Network [~3 days] • Functionality of several servers • Time of Campus IT Staff http://www.microsoft.com/technet/
Discussion on Slammer (I) • Could we (the Campus) have avoided this attack from affecting on-campus systems or services? • Could we have minimized the effects of this attack on the Campus? • Could we have eliminated CSUN's participation in the attack? • Could we have recovered more quickly from this attack?
Discussion on Slammer (II) • What controls/standards should have been in place prior to the attack? • What are the precursory steps that should have been taken in preparation for the attack? • What immediate steps should we take to react to an attack?
Desktop/OS/Application Standards • Why Standards? • To reduce the complexity of the system • To ensure the Campus community uses the appropriate technology to support the work of the students, faculty, and staff via a secure, reliable method. • To educate the faculty and administration on the rationale of the standards and gain support • To develop transition plans (locally and campus-wide) to adopt new and phase-out old technology • TSAG’s task/role? • Develop and recommend standards and best practices • One size will not fit all! • How does TSAG want to self-organize its structure?
Next Round of ACLs • Block all outbound “Well Known Ports” (0 - 1024) • except: ftp(20,21[989,990]), ssh(22), telnet(23[992]), http(80[443]) • Block all inbound to subnets 128-255 • except for registered Internet Servers • affected areas: • Sierra Tower, Jerome Richfield • DMJM Trailers, Student Services Bldg • University Student Union, Sagebrush Hall • H-Complex, Bank Building • PE, Athletics, Bldgs T, S, & O • Oviatt Library, Science Buildings • Retain blocks on 1433 and 1434 • We routinely block attacking Class C networks
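The rule list above, modelled as a first-match evaluator (an added example, not the campus's router configuration). The 10.20.0.0/16 campus prefix, the registered-server address and the sample flows are constructed; it also assumes the port rules match destination ports, that "subnets 128-255" refers to the third octet, and that the 1433/1434 blocks apply in both directions regardless of protocol.

```python
import ipaddress

CAMPUS = ipaddress.ip_network("10.20.0.0/16")            # assumed placeholder prefix
OUTBOUND_OK = {20, 21, 989, 990, 22, 23, 992, 80, 443}   # exceptions on the slide
SQL_PORTS = {1433, 1434}                                 # blocks retained after Slammer
REGISTERED = {ipaddress.ip_address("10.20.130.10")}      # constructed server registry

def evaluate(src, dst, dport, retain_sql_block=True):
    """Return (action, reason) for one flow; the first matching rule wins."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    outbound = src in CAMPUS and dst not in CAMPUS
    inbound = dst in CAMPUS and src not in CAMPUS
    if not (outbound or inbound):
        return ("permit", "does not cross the campus border")
    if retain_sql_block and dport in SQL_PORTS:
        return ("deny", "retained 1433/1434 block")
    if outbound and dport <= 1024 and dport not in OUTBOUND_OK:
        return ("deny", "outbound well-known port")
    # Assumption: "subnets 128-255" is the third octet of the campus address.
    if inbound and dst.packed[2] >= 128 and dst not in REGISTERED:
        return ("deny", "inbound to subnets 128-255")
    return ("permit", "no rule matched")

# Constructed sample flows: (source, destination, destination port)
FLOWS = [
    ("10.20.5.9", "198.51.100.7", 443),
    ("10.20.5.9", "198.51.100.7", 25),
    ("10.20.5.9", "198.51.100.7", 1434),
    ("203.0.113.4", "10.20.200.15", 8080),
    ("203.0.113.4", "10.20.130.10", 80),
    ("203.0.113.4", "10.20.130.10", 1433),
]

if __name__ == "__main__":
    for flow in FLOWS:
        print(flow, *evaluate(*flow))
    # 1434 is above 1024, so only the retained block stops it outbound.
    print(evaluate("10.20.5.9", "198.51.100.7", 1434, retain_sql_block=False))
```

Port 1434 lies above the 0-1024 range, so in this model the outbound well-known-port rule alone would pass Slammer-style traffic; the retained 1433/1434 blocks are what deny it.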